Ransomware Attack Disrupts Emergency Services at Ohio Hospital

Security
Observing, pondering, and writing about tech. Generally in that order.

For nearly a decade now, ransomware has been one of the most frustrating malware menaces. There was a time when consumers were the main target. These days, however, ransomware distributors have no problem going after much larger targets.

Image: Ohio Valley Medical CenterOhio Valley Medical Center

Attacks targeting health care providers have become an increasingly regular occurrence. Over the weekend, the East Ohio Regional Hospital in Harper's Ferry, Ohio and the Ohio Valley Medical Center in Wheeling, West Virginia both fell victim to ransomware.

As IT staff dealt with the outbreak, emergency room admissions had to be limited to walk-up patients only. Ambulances were diverted to other nearby hospitals. A number of systems were taken offline and hospital staff switched immediately to paper charting out of an abundance of caution.

Thanks to the quick response and multi-layered defenses the impact of the ransomware was fairly limited. Director of marketing Karin Janiszewski told The Times Leader “we have redundant security, so the attack was able to get through the first layer but not the second layer."

So far, this sounds like the situation has been handled about as well as it could have been. No patient data was compromised as a result of the attack and there's been no indication that a ransom was paid. As a reminder, law enforcement officials say that you should never pay a ransomware ransom.

That hasn't necessarily been the case with other health care providers hit by ransomware. In 2016, Hollywood Prebyterian paid hackers around $17,000 in Bitcoin after suffering a widespread infection. Earlier this year, Hancock Regional Hospital in Greenfield, Indiana shelled out Bitcoin worth approximately $55,000 to restore encrypted files.

A third incident underscores why it's a bad idea to fork over a ransom payment. When Kansas Heart Hospital paid cybercriminals in 2016, its attackers didn't follow through on the promise to decrypt files. Instead, they sent along a second ransom demand -- for a lot more money than the initial one.

Lee started writing about software, hardware, and geek culture around the time that the Red Wings last won the Stanley Cup. The two aren't related in any way, however. When he's not catching up on tech news or blogging about it, you can find him watching or playing baseball ...